diff --git a/src/HostedExplorer.tsx b/src/HostedExplorer.tsx
index 09db31f57..946b79720 100644
--- a/src/HostedExplorer.tsx
+++ b/src/HostedExplorer.tsx
@@ -18,6 +18,7 @@ import { SignInButton } from "./Platform/Hosted/Components/SignInButton";
 import { useAADAuth } from "./hooks/useAADAuth";
 import { FeedbackCommandButton } from "./Platform/Hosted/Components/FeedbackCommandButton";
 import { HostedExplorerChildFrame } from "./HostedExplorerChildFrame";
+import { extractMasterKeyfromConnectionString } from "./Platform/Hosted/HostedUtils";
 
 initializeIcons();
 
@@ -60,7 +61,8 @@ const App: React.FunctionComponent = () => {
         frameWindow.hostedConfig = {
           authType: AuthType.ConnectionString,
           encryptedToken,
-          encryptedTokenMetadata
+          encryptedTokenMetadata,
+          masterKey: extractMasterKeyfromConnectionString(connectionString)
         };
       } else if (authType === AuthType.ResourceToken) {
         frameWindow.hostedConfig = {
diff --git a/src/Main.tsx b/src/Main.tsx
index 00866c611..e3ac0aa55 100644
--- a/src/Main.tsx
+++ b/src/Main.tsx
@@ -80,9 +80,7 @@ import {
   getDatabaseAccountKindFromExperience,
   getDatabaseAccountPropertiesFromMetadata
 } from "./Platform/Hosted/HostedUtils";
-
-// TODO: Encapsulate and reuse all global variables as environment variables
-window.authType = AuthType.AAD;
+import { DefaultExperienceUtility } from "./Shared/DefaultExperienceUtility";
 
 // const accountResourceId =
 // authType === AuthType.EncryptedToken
@@ -111,16 +109,15 @@ const App: React.FunctionComponent = () => {
             accessToken: encodeURIComponent(win.hostedConfig.encryptedToken)
           });
 
-          // const apiExperience: string = DefaultExperienceUtility.getDefaultExperienceFromApiKind(
-          //   Main._accessInputMetadata.apiKind
-          // );
+          const apiExperience: string = DefaultExperienceUtility.getDefaultExperienceFromApiKind(
+            win.hostedConfig.encryptedTokenMetadata.apiKind
+          );
           explorer.initDataExplorerWithFrameInputs({
             databaseAccount: {
               id: "",
               // id: Main._databaseAccountId,
               name: win.hostedConfig.encryptedTokenMetadata.accountName,
-              kind: "",
-              kind: getDatabaseAccountKindFromExperience(win.hostedConfig.encryptedTokenMetadata.apiKind),
+              kind: getDatabaseAccountKindFromExperience(apiExperience),
               properties: getDatabaseAccountPropertiesFromMetadata(win.hostedConfig.encryptedTokenMetadata),
               tags: []
             },
@@ -140,11 +137,14 @@ const App: React.FunctionComponent = () => {
             isTryCosmosDBSubscription: explorer.isTryCosmosDBSubscription()
           });
           explorer.isAccountReady(true);
-        } else if (window.authType === AuthType.ResourceToken) {
-        } else if (window.authType === AuthType.ConnectionString) {
-        } else if (window.authType === AuthType.AAD) {
-          const account = window.databaseAccount;
-          const serverId = AuthHeadersUtil.serverId;
+        } else if (win.hostedConfig.authType === AuthType.ResourceToken) {
+          window.authType = AuthType.EncryptedToken;
+        } else if (win.hostedConfig.authType === AuthType.ConnectionString) {
+          // This might seem weird, but for legacy reasons lots of code expects a connection string login to look and act like an encrypted token login
+          window.authType = AuthType.EncryptedToken;
+        } else if (win.hostedConfig.authType === AuthType.AAD) {
+          window.authType = AuthType.AAD;
+          const account = win.hostedConfig.databaseAccount;
           const accountResourceId = account.id;
           const subscriptionId = accountResourceId && accountResourceId.split("subscriptions/")[1].split("/")[0];
           const resourceGroup = accountResourceId && accountResourceId.split("resourceGroups/")[1].split("/")[0];
@@ -154,11 +154,11 @@ const App: React.FunctionComponent = () => {
             resourceGroup,
             masterKey: "",
             hasWriteAccess: true, //TODO: 425017 - support read access
-            authorizationToken: `Bearer ${window.authorizationToken}`,
+            authorizationToken: `Bearer ${win.hostedConfig.authorizationToken}`,
             features: extractFeatures(),
             csmEndpoint: undefined,
             dnsSuffix: undefined,
-            serverId: serverId,
+            serverId: AuthHeadersUtil.serverId,
             extensionEndpoint: configContext.BACKEND_ENDPOINT,
             subscriptionType: CollectionCreation.DefaultSubscriptionType,
             quotaId: undefined,
diff --git a/src/Platform/Hosted/HostedUtils.ts b/src/Platform/Hosted/HostedUtils.ts
index ed0410e3b..55abc41ec 100644
--- a/src/Platform/Hosted/HostedUtils.ts
+++ b/src/Platform/Hosted/HostedUtils.ts
@@ -43,3 +43,9 @@ export function getDatabaseAccountKindFromExperience(apiExperience: string): str
 
   return Constants.AccountKind.GlobalDocumentDB;
 }
+
+export function extractMasterKeyfromConnectionString(connectionString: string): string {
+  // Only Gremlin uses the actual master key for connection to cosmos
+  const matchedParts: string[] = connectionString.match("AccountKey=(.*);ApiKind=Gremlin;$");
+  return (matchedParts.length > 1 && matchedParts[1]) || undefined;
+}
diff --git a/src/Platform/Hosted/Main.ts b/src/Platform/Hosted/Main.ts
index ca66480ea..0ca930ff1 100644
--- a/src/Platform/Hosted/Main.ts
+++ b/src/Platform/Hosted/Main.ts
@@ -119,9 +119,4 @@ export default class Main {
 
     throw new Error(`Unsupported AuthType ${authType}`);
   }
-
-  private static _getMasterKeyFromConnectionString(connectionString: string): string {
-    const matchedParts: string[] = connectionString.match("AccountKey=(.*);ApiKind=Gremlin;$");
-    return (matchedParts.length > 1 && matchedParts[1]) || undefined;
-  }
 }